In a sense, managed IT is like art, fashion and music, in that it’s always evolving and never a finished concept. The surge in evolving technology and the never-ending bane of systems infiltration attempts by digital intruders necessitates that managed IT providers increase new layers and augment existing platform elements. Next comes the easy part: convincing end-users they must have a bare minimum of solutions from the provider’s technology stack in order to ensure uninterrupted operations. That’s a bit tongue in cheek.
Expectations-setting is an essential cog in customer engagements. Which brings us back to the topic of fashion—hair styles in particular. We’ve all seen the style books that sit in the reception area of a beauty salon. Invariably, hairdressers will have to deal with a client who has leafed through those books and spotted their dream ’do. “I want my hair to look like this,” they say, pointing to a picture. The hairdresser will then smile and mention the reasons (hair texture, thickness, health) the customer won’t enjoy the same outcome as in the photo.
Much like hairdressers, IT services providers have to ensure they’re not setting clients up for disappointment. Customers may want the best available package, but they may also object to costs, be loath to change processes if needed, lack the operational maturity that’s necessary and be unprepared to actively engage in their company’s journey to optimization.
The March State of the Industry report on managed IT focuses on three keys to delivering an impactful, effective program: the tech stack, closing the SMB cybersecurity gap and the aforementioned management of customer expectations and outcomes. Securing all three is the quickest path to a long-term engagement.
More Informed
Usherwood Office
Technology
It stands to reason that the dealer tech stack of 2026 is more sophisticated than the lineup of offerings from 10 years ago. By the same token, notes Lindsay Usherwood, general counsel for Usherwood Office Technology of Syracuse, New York, clients are also more sophisticated, and she sees that as a good thing. Today’s typical managed IT client needs to have greater insight into the tools and issues needed to focus on their core business goals.
Usherwood points out her company’s platform has evolved to one that’s both integrated and security-first, combining infrastructure, cybersecurity, compliance and strategic advisory services. It speaks to the needs of the modern client that’s faced with greater complexity courtesy of AI adoption, regulatory pressure and the morphing intrusions accompanying cybersecurity threats. How these factors impact the direction of their businesses is foremost on the minds of clients.
Proactive incident response planning can also calm these nerves. Too many organizations wait until they’re already dealing with a breach to think about their plan.
– Lindsay Usherwood, Usherwood Office Technology
“These shape our offerings by pushing us to provide clearer guidance, stronger security layers and support that also helps clients manage change, rather than just deploying the latest and greatest tools,” Usherwood said.
On the subject of cybersecurity, Usherwood points out her company’s baseline tech stack consists of all the core protections a client requires. The good news is that the safeguards are within reach for smaller budgets, as the cost of the protective layers has eased from its 2020–2021 highs.
The most prevalent cybersecurity gaps in the SMB community generally arise from change management. When it comes to client onboarding challenges, a lion’s share centers on hesitations toward multi-factor authentication, zero trust and migrating away from familiar systems, according to Usherwood.
“The change can seem overwhelming, but clear communication and simple guidance go a long way in helping them settle into new processes,” she said. “Proactive incident response planning can also calm these nerves. Too many organizations wait until they’re already dealing with a breach to think about their plan. Even a simple, predefined framework makes it easier to contain an incident and recover quickly, and it also helps clients feel more comfortable.”
Usherwood believes change management and misaligned expectations of responsibility are often the biggest sources of frustration in managing client relationships. One hurdle is that expectations rarely square with the realities of how clients accept change. Additionally, the question of who takes ownership of risks, decisions and outcomes has shifted. Thus, the degree of difficulty in changing IT systems is arduous from both a technology and personnel standpoint.
“Users may need to change certain processes, which can seem overwhelming,” she said. “We utilize zero-trust principles with all our clients, and this change requires a shift in how they view access and verification across their environment. We know as humans, we can always do a better job of communicating, but making our messaging more consistent and proactive always remains a key focus.
Informed Offering
Marco of St. Cloud, Minnesota, one of the nation’s largest dealerships, with revenues exceeding $450 million, attributes some of that success to the distinction of being one of the biggest and fastest-growing IT and security service providers in the U.S. Its value proposition is built on helping organizations modernize, secure and transform their environments, notes Shelly Caldwell, managed service director. The net result is the ability to operate with more clarity, less risk and stronger outcomes.
Like its overall operations, Marco’s IT/security platform is coming off one of its strongest years to date. The dealer doubled down by entering 2026 with a deeper talent bench, expanded tooling and a more scalable platform designed for accelerated growth, according to Caldwell. They’re charged with helping clients address some of the more consistent needs of end-users: growing cyber threats, fragmented environments, budget constraints and a game plan for responsible AI adoption.
By walking customers through our five level technology maturity model, we create clarity on where they actually are, what outcomes are realistic today and what steps will move them toward long-term transformation.
– Shelly Caldwell, Marco
“These pressures are shaping our service strategy around data-driven diagnostics, elevated security baselines and outcomes-focused modernization across our four IT pillars: modern IT, cybersecurity, collaboration and digital transformation/AI,” Caldwell said.
On the cybersecurity side, the most noteworthy gaps within the SMB market that Caldwell identifies are:
- Lack of visibility into configuration drift, vulnerabilities and external attack surface
- Underinvestment in baseline security controls (MFA, EDR, patching, identity governance)
- Poor alignment between IT operations and business continuity needs
- Minimal security awareness training for end-users
Marco’s bare-minimum, compulsory tech stack clients must agree to includes:
- Next-gen endpoint protection (EDR/XDR)
- Multifactor authentication and identity hardening
- Email and cloud security controls
- Patch and vulnerability management
- Backup, business continuity and disaster recovery
- Foundational user training
Caldwell notes that every Marco engagement begins with data (secure score, insights assessments and environmental telemetry) which enables Marco to quickly and accurately pinpoint gaps. “To balance budget limitations, we right-size the roadmap: immediate priorities first, modernization over time and alignment to the customer’s stage on our five-level technology maturity model — from Basic Support to Business Innovation,” she said.
Managing client relationships is most challenging, Caldwell stressed, when there’s a misalignment between customer expectations and the current operational maturity level of their IT environment. In some cases, clients operating at a lower level with inconsistent tools or limited documentation desire the outcomes that accompany high maturity, such as resilience, automation, AI and advanced security.
“By walking customers through our five-level technology maturity model, we create clarity on where they actually are, what outcomes are realistic today and what steps will move them toward long-term transformation,” she noted. “This reduces friction, aligns expectations and improves long-term satisfaction.”
Big Picture
Fraser Advanced Information Systems
Managed IT services have shifted significantly over the past decade and a half for Fraser Advanced Information Systems of West Reading, Pennsylvania, and its independent subsidiary, Watchkeep. It’s morphed from break‑fix support to proactive management and, increasingly, to a role that influences broader business strategy. Providers are now expected to help organizations make informed decisions that strengthen operations, reduce exposure and support long‑term goals, according to Michael Macri, vice president of sales.
This evolution is driven in part by the volume of operational and security data organizations generate. Turning that information into meaningful guidance has become essential as SMBs confront the reality that technology choices are fundamentally business choices. With cybersecurity, compliance and continuity pressures rising, leadership conversations have moved away from cost alone and toward understanding the risks of inaction.
It’s not just about doing I.T. better—it’s about creating a smarter, more resilient business foundation.
– Michael Macri, Fraser Advanced Information Systems
As IT becomes a board‑level concern, the most effective organizations are those aligning technology strategy with business priorities and risk tolerance. Macri notes that this shift is being accelerated by emerging tools.
“By layering intelligence over our data through AI‑driven tools, we’re improving speed, efficiency and personalization across the board,” Macri said. “This allows us to deliver more tailored end-user experiences, automate routine issues and anticipate problems before they impact the business. It’s not just about doing IT better—it’s about creating a smarter, more resilient business foundation.”
Many small and midsize businesses still fall short on the basic cybersecurity controls now required for cyber liability insurance, leaving them increasingly exposed as threats and fraud attempts continue to rise. Travis Jack, director of service delivery at Watchkeep, notes that while some shortcomings stem from limited awareness, budget constraints are the more common barrier—often addressed only after an incident forces the issue at a far higher cost.
Jack emphasizes that the fundamentals are no longer optional. Cost‑effective tools enable organizations of any size to implement a core security stack built around multifactor authentication, employee security training, MDR‑level endpoint protection, and dependable backup and recovery. These measures, he says, are included in every Watchkeep engagement not because compliance requires them, but because they’re essential to business resilience.
Whether it’s qualifying for insurance, winning contracts or minimizing downtime, we focus on what matters most to the business, not just the infrastructure.
– Travis Jack, Fraser Advanced Information Systems
While advanced solutions and redundant environments may not fit every organization’s needs or budget, Jack stresses that the priority is establishing the foundational protections that reduce exposure and support continuity. Ensuring these basics are in place, he adds, is the most effective way for SMBs to strengthen their security posture and prepare for future growth.
“We align cybersecurity services to business outcomes, not just technical checkboxes,” Jack said. “That means prioritizing solutions that protect revenue, reputation and client trust. Whether it’s qualifying for insurance, winning contracts or minimizing downtime, we focus on what matters most to the business, not just the infrastructure.”
Surprises—whether in the form of downtime, shifting timelines or unclear direction—are the fastest way to undermine trust in a client relationship. That’s why Watchkeep emphasizes proactive, transparent communication and longterm planning as the foundation of its service approach. Every engagement begins with a tailored three-to-five-year roadmap that outlines expected projects, hardware refresh cycles and changing security requirements, then evolves through regular business reviews to stay aligned with real-world changes.
This structured planning model is designed to eliminate surprises and keep both sides focused on clarity, continuity and shared objectives. Watchkeep adds services only when they deliver meaningful operational, security or strategic value, ensuring decisions remain grounded in what drives the client’s success. At its core, the company’s relationship philosophy centers on listening, anticipating needs and staying aligned not just on technology, but on the broader definition of success for each business.
Fruits of Discipline
As we’ve seen, there’s no such thing as a finished managed IT offering; it’s either growing or stagnant. A number of dealers, including Gordon Flesch Company, have spun off their platforms into separate companies or divisions, which emphasizes the single-minded focus required to excel at a high level. The branding of Elevity in 2020 following the acquisition of a dedicated managed IT firm is one step in the organization’s 14-year journey. Basic support and vCIO guidance marked the starting point for the provider, but the tech stack has morphed to provide proper technology management ranging from strategy to a full security complement.
It’s also necessary for Elevity to remain firm with the package components. Clients that seek fewer or different items signal that it may not be a proper fit. The unfortunate reality is that the best managed IT service providers sometimes need to turn away potential clients.
According to Elevity President Jeff Dotzler, the evolution of the offering has been driven by discipline and focus. “Our platform focuses on the needs of organizations that value technology, understand the impact that a proper security approach has on productivity and a willingness to build a strategic plan with a roadmap to help them achieve both short- and long-term goals,” he noted.
On the cybersecurity end, knowledge is often the gap that needs to be bridged between provider and client, he said. Some clients and prospects work under the assumption that they’re not on the radar screen of a bad actor due to their size, which runs contradictory to the security event trends the dealer tracks. Elevity’s value prop consists of awareness training, email security, advanced endpoint detection, MFA, an SOC using both AI and trained humans, and a team that can react to any event ASAP. These represent the minimum requirements, Dotzler pointed out. The current full stack includes a managed SIEM.
We work hard to meet expectations and then remind the client about the work we do, both the work they’re aware of and the work they aren’t.
– Jeff Dotzler, Elevity
In cases where clients truly embrace the full security package but face budgetary restrictions, Elevity is willing to dial back on some of the more advanced security components. The tradeoff is a reduction in support during preventable security events.
“I don’t think we’ve ever been the ‘cheap’ option, but we’ve also never been ‘out solutioned.’ Each prospect understands and appreciates our approach and solution even though it may be out of their current budget,” Dotzler said.
He feels the most common frustration for clients isn’t complicated; they just want the technology to work. And when it does work, the question of cost invariably bubbles to the top.
“We work hard to meet expectations and then remind the client about the work we do, both the work they’re aware of and the work they aren’t,” Dotzler added. “We try hard to stay out of the technical weeds and keep the focus on outcomes. It’s in everyone’s best interest for the client to have as few support tickets as possible. When that occurs, both the client and our productivity is maximized.”
Engage Clients
There’s no denying that managed IT continues to take on greater importance within Les Olson IT, especially considering the brand tweak that added IT to the former Les Olson Co. during its 10-year journey. Initially consisting of a small team that tended to everything—onboarding, daily support, project design and implementation—the platform now boasts dedicated teams for onboarding, network stabilization, help desk, project design and execution. What was once a simple RMM and ticketing support function has blossomed into sophisticated tools for each team and their processes. Les Olson IT now manages more than 12,000 endpoints across nine branches, according to Keith Adams, vice president of IT.
While many of the same challenges remain static—system security, user security awareness, and best practices for systems and use—pricing increases have prompted organizations to cling to mature technology. “[It] becomes a challenge when trying to obtain system performance levels,” Adams said. “All these factors are challenging our teams to become more process-driven and toward highly repeatable outcomes. Strong efforts are placed in making our service offering even more efficient and cost-effective for us and our clients.”
We’ve seen clients that had as many as three MSPs in a one-year timeframe and refuse to acknowledge that simply paying for support isn’t the same as partnering for success.
– Keith Adams, Les Olson IT
Some of the most notable vulnerabilities from a cybersecurity standpoint, he added, are the half measures and partially implemented systems. Users will invest in the product and then become frustrated when it forces a change in work habits or feels too restrictive. Consequently, the product never gets implemented or is watered down to the point of ineffectiveness.
What’s interesting is that multi-factor authentication isn’t being embraced by businesses, which is odd considering most people encounter it in their personal affairs. Adams’ checklist of must-haves includes RMM, a strong AV/AM solution (he prefers MDR) and higher-level control systems beyond group policy to help stave off system compromise.
Communication is the elixir to effectively manage client relationships, Adams noted. A client loath to participate in the process is the most common source of frustration.
“They often have an expectation that simply agreeing to have our services means that all the things that go into supporting their environment magically appear or function as desired,” he said. “We’ve seen clients that had as many as three MSPs in a one-year timeframe and refuse to acknowledge that simply paying for support isn’t the same as partnering for success.”
All or Nothing
David Carson likes to point out that his company, Plus Inc., has offered managed IT services since the 1980s, when the cutting-edge technologies were MS-DOS computers. While the hardware has evolved over the years, the Greenville, South Carolina, dealership still focuses much of its energy toward small businesses with typically fewer than 25 computers. From antivirus to extended detection and response (XDR) and elements of the Microsoft 365 package to off-site backup, cybersecurity training and firewalls, to do business with Plus on a managed IT basis is to have these bare basics preventive measures.
When dealing with any businesses, small ones in particular, cost is always a major hurdle to clear. “When you have 50% of customers that are always watching their costs, it’s a challenge for them to justify the all-or-nothing approach,” Carson said. “There’s no in-between for us, and we do turn customers away because of it. But what we offer and what we do seems to work pretty well.”
The biggest thing is educating small businesses on why they need cybersecurity tools. It’s amazing how many of them still don’t get it.
– David Carson, PLUS Inc.
Carson credits his cybersecurity monitoring, which incorporates AI, with shutting down attacks from the start, and his clients haven’t experienced any infiltrations. Considering the size of the companies Plus serves, many of their customers and prospects follow the ill-advised “we’re too small to be attacked” mantra. Also, just having cybersecurity insurance isn’t a guarantee that a business won’t be liable in the event of an attack. Most insurers stipulate the policy holder must have off-site backups, employee training on potential threats, and end-point and XDR protections. If these conditions are not met, an insurance provider can deny coverage after a breech has happened.
Carson notes Plus customers have experienced breeches, but the dealer’s security stack has been able to shut them down quickly with few issues. Backups of all business-sustaining data via immutable offsite sources is a must-have, he notes, and sensitive data such as credit card information should be kept off the clients’ system.
“The biggest thing is educating small businesses on why they need this,” Carson said. “It’s amazing how many of them still don’t get it. The risk isn’t as critical to them. If they have sensitive data and financial information, they’re responsible for credit monitoring and other things. A lot of small businesses don’t understand why they need some of those things, but once they get hit, they’ll understand really quickly.”
Many customer headaches can be mitigated through communication. Carson feels it is important for smaller providers who lack the firepower of their larger competitors—particularly when it comes to specialists—to constantly coach up their reps. The more information the account execs possess, the more effective they’ll be in engaging with clients.
“They get a lot more traction when they understand what they’re talking to customers about,” he added.
